Netvora logo
Submit Startup Subscribe
Home About Contact Submit Startup Subscribe

Google Warns of Phishing Attacks Targeting Salesforce Customers

Comment

Google Warns of Phishing Attacks Targeting Salesforce Customers

Netvora June 4, 2025 at 04:31 PM Security
Google Warns of Phishing Attacks Targeting Salesforce Customers

Google Warns of Phishing Attacks Targeting Salesforce Customers

By Netvora Tech News

Google has issued a warning to businesses and organizations that use Salesforce, a popular customer relationship management (CRM) software provider, about a group of attackers using social engineering tactics to steal sensitive data. The attackers, known as UNC6040, have been successful in several attacks over the past few months, with the stolen data often being used for extortion. The attacks typically involve an attacker calling an employee of a multinational company, posing as a help desk representative. The attacker then convinces the employee to share sensitive login credentials or grant access to their Salesforce account. Once access is gained, the attackers can steal a wide range of data. "In all observed cases, the attackers relied on manipulating end-users, not exploiting vulnerabilities in Salesforce," said Google. One common tactic used by the attackers is to trick victims into installing a malicious app that grants access to their organization's Salesforce portal. The malicious app is often a modified version of the Salesforce Data Loader. During the phone call, the attacker leads the employee to a page where they are prompted to approve the malicious Data Loader app. Once installed, the attackers can steal data from the Salesforce environment. The gained access not only leads to data loss but often also allows the attackers to compromise other cloud services and internal company networks. Google notes that there may be a delay between a compromised Salesforce environment and the extortion attempt. "It is possible that multiple victim organizations and potential downstream victims may encounter extortion attempts in the coming weeks or months," the company warned. It is essential for organizations that use Salesforce to be aware of these tactics and take steps to prevent such attacks. This includes educating employees on the dangers of phishing and social engineering, as well as implementing robust security measures to protect sensitive data.

Comments (0)

Leave a comment

Back to homepage

You might also like